On 04/01/2014 11:44 AM, Clay Kossmeyer wrote:
Hi All -
The Cisco PSIRT has been sending IOS Security Advisories to the NANOG mailing
list for well over a decade. We started this process a long time ago at the
request of the list’s then-membership and haven’t been asked to change since.
Admittedly, vulnerability disclosure/discussion/reporting has changed a bit
over the years and we may be a bit overdue on rethinking the need to send to
NANOG. :)
Given that there are a number of forums that more directly address either
Cisco-specific issues or are specific to vulnerability announcements, we’re
happy to discontinue sending to the NANOG list directly.
Cisco maintains a mailing list and RSS feed to which we send our Security
Advisories, and you’re welcome to join if interested:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html#rsvifc
Its true this information is also available in other forums, but I don't
have time to filter thru all of those. I *do* have time for nanog,
however, because of the good cross section represented here and because
it's worthwhile to be aware of what may be happening in other people's
camps, because very frequently problems on one side of the wire can
spill over and affect the other side as well. I think the advisories are
highly relevent then and absolutely should be included here on nanog.
Thanks.
